The present invention concerns security protection within a secure device and pertains particularly to a method and apparatus for performing a secure operation.
In order to protect against theft or misuse, security devices are utilized to protect property. The property can be tangible or intangible. An example of intangible property that often requires protection is information stored within an integrated circuit memory.
One solution is to include security features on the integrated circuit upon which the information is stored. In this way, the information may be encrypted and access to the encrypted information can be limited.
For some applications, however, implementation of a security system on a single integrated circuit may not be feasible. For example, a security system may be implemented using two integrated circuits. A first integrated circuit is a security device and a second integrated circuit is a non-volatile memory such as an erasable programmable read-only memory (EPROM) or a flash memory.
The security device encrypts information using a security key, unique to the security device, before storing the information on the non-volatile memory. This protects the information from being read by other devices.
One problem with this approach is that it is susceptible to a "replay" attack. In a replay attack, the data stored in the non-volatile memory is copied. Later, the copied data can be used to restore the information within the non-volatile memory to a previous value.
For example, suppose the security system is used to keep track of an amount of money. Further, suppose the security system initially has $50 to spend in an "off-line" system. If the security system is implemented using two integrated circuits, the security device encrypts the amount "$50" using a security key and places the encoded value in the non-volatile memory. Without the security key, the encrypted amount is safe from decryption. Further, without the security key it would be extremely difficult to replace the encrypted amount of $50 with another valid dollar amount.
However, now suppose that the contents of the non-volatile memory are copied. This copy of the contents includes the encrypted amount of $50. The $50 now may be spent by the user of the security system. After all the money has been spent, the security device encrypts the amount "$0" using the security key and places the encoded value in the non-volatile memory. However, the copy of the contents of the non-volatile memory can now be written back to the non-volatile memory, replacing the current contents. Since the copy of the contents was made when the encrypted amount was $50, writing back the previous contents of the non-volatile memory restores the encrypted amount to $50. Thus, when the replacement of the contents of the non-volatile memory is not detectable to the security device, it can allow the security system to be circumvented.
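The following simulation is an added example, not text or code from the patent. It models the two-chip arrangement described above: a security device that holds a per-device key, and an external non-volatile memory that holds only the encrypted balance and that an adversary can image and rewrite. The "encryption" is a minimal HMAC-based construction chosen so the example runs with the Python standard library; it is not a production cipher. The `use_counter` option goes beyond the page: it is an assumed mitigation in which the security device keeps a monotonic counter in its own internal state and binds each stored record to it, so that a restored older image no longer matches and the replay is detected.

```python
"""Constructed simulation of a replay attack against an externally stored,
encrypted balance, with and without a device-internal monotonic counter.
Example code, not the patent's own method."""
import hashlib
import hmac
import os
import struct

TAG_LEN = 32
NONCE_LEN = 12


class ExternalMemory:
    """The second integrated circuit: plain storage that can be copied and rewritten."""

    def __init__(self) -> None:
        self.blob = b""

    def copy(self) -> bytes:
        return self.blob

    def restore(self, saved: bytes) -> None:
        self.blob = saved


class ReplayDetected(Exception):
    """Raised when a stored record does not match the device's internal counter."""


class SecurityDevice:
    """The first integrated circuit: holds the key and, optionally, a counter.

    use_counter=False models the system described on the page, which accepts
    any record it once produced. use_counter=True is the assumed mitigation.
    """

    def __init__(self, use_counter: bool = False) -> None:
        self.key = os.urandom(32)       # unique to this device, never leaves it
        self.use_counter = use_counter
        self.counter = 0                # internal non-volatile state of the device

    def _keystream(self, nonce: bytes, length: int) -> bytes:
        # HMAC in counter mode as a stand-in for a real cipher (illustration only).
        out = b""
        block = 0
        while len(out) < length:
            out += hmac.new(self.key, b"enc" + nonce + struct.pack(">I", block),
                            hashlib.sha256).digest()
            block += 1
        return out[:length]

    def _tag(self, data: bytes) -> bytes:
        # Integrity tag so an attacker cannot forge a new valid amount.
        return hmac.new(self.key, b"mac" + data, hashlib.sha256).digest()

    def store_balance(self, nvm: ExternalMemory, cents: int) -> None:
        if self.use_counter:
            self.counter += 1           # advance once per write
        nonce = os.urandom(NONCE_LEN)
        plaintext = struct.pack(">QQ", cents, self.counter)
        ks = self._keystream(nonce, len(plaintext))
        ciphertext = bytes(a ^ b for a, b in zip(plaintext, ks))
        body = nonce + ciphertext
        nvm.blob = body + self._tag(body)

    def load_balance(self, nvm: ExternalMemory) -> int:
        body, tag = nvm.blob[:-TAG_LEN], nvm.blob[-TAG_LEN:]
        if not hmac.compare_digest(self._tag(body), tag):
            raise ValueError("record forged or corrupted")
        nonce, ciphertext = body[:NONCE_LEN], body[NONCE_LEN:]
        ks = self._keystream(nonce, len(ciphertext))
        cents, stored_counter = struct.unpack(">QQ", bytes(a ^ b for a, b in zip(ciphertext, ks)))
        # The record is authentic, but is it the *latest* one? Only the counter tells.
        if self.use_counter and stored_counter != self.counter:
            raise ReplayDetected(f"stored counter {stored_counter} != device counter {self.counter}")
        return cents


def run_replay(use_counter: bool) -> int:
    """The scenario from the text: image the memory at $50, spend it, restore the image."""
    dev = SecurityDevice(use_counter)
    nvm = ExternalMemory()
    dev.store_balance(nvm, 5000)        # $50.00 written as ciphertext
    snapshot = nvm.copy()               # memory chip imaged while it holds $50
    dev.store_balance(nvm, 0)           # money spent, $0.00 written back
    nvm.restore(snapshot)               # old image written back over the $0 record
    return dev.load_balance(nvm)


def replayed_balance_without_counter() -> int:
    # The record is authentic under the device key, so it is accepted: 5000 cents reappear.
    return run_replay(use_counter=False)


def replay_detected_with_counter() -> bool:
    try:
        run_replay(use_counter=True)
    except ReplayDetected:
        return True
    return False


if __name__ == "__main__":
    print("without counter, balance after replay:", replayed_balance_without_counter())
    print("with counter, replay detected:", replay_detected_with_counter())
```

The point the simulation makes is the one the text makes: encryption and an integrity tag prove that a record was produced by the security device, but not that it is the most recent record. Only state kept inside the security device itself (here, the counter) lets the device tell a restored old image from the current contents.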